CHAPTER41 HA Configuration
Mediant 800 Gateway & E-SBC | User's Manual
If the HA system is already in HA Preempt mode and you want to change the priority of
the device, to ensure that system service is maintained and traffic is not disrupted, it is
recommended to set the higher priority to the redundant device and then reset it. After it
synchronizes with the active device, it initiates a switchover and becomes the new
active device (the former active device resets and becomes the new redundant device).
Configuring Firewall Allowed Rules
If you want to configure firewall rules (see Configuring Firewall Rules) that block specific network
traffic, you must first configure firewall rules that allow traffic needed in your deployment.
Therefore, in addition to allowing basic traffic (such as OAMP, SIP signalling, and media), you must
also allow HA maintenance traffic between the Active and Redundant devices:
■ UDP ports 669, 670 and 680 (HA synchronization and keep alive)
■ TCP ports 2442 and 80 (HA control and data)
Please configure firewall rules 10 through 17, as shown below, where 10.31.4.61 is the IP address
of the Maintenance interface ("HA_IF") of the Redundant device and 10.31.4.62 the IP address of
the Maintenance interface ("HA_IF") of the Active device.
Table 41-1: Allowed Firewall Rules for HA
Ind-
ex
Source
IP
Sou-
rce
Port
Pre-
fix
Len-
gth
St-
art
Po-
rt
End
Por-
t
Pro-
tocol
Use
Spe-
cific
Inter-
face
Inter-
face
Name
Acti-
on
Upo-
n
Mat-
ch
Pac-
ket
Size
B-
yt-
e
R-
at-
e
Byt-
e
Bu-
rst
0
... Various rules for basic traffic
9
10 10.31.
4.61
669 32 66
9
669 udp Enab
le
HA_
IF
Allo
w
0 0 0
11 10.31.
4.62
669 32 66
9
669 udp Enab
le
HA_
IF
Allo
w
0 0 0
12 10.31.
4.61
0 32 24
42
244
2
tcp Enab
le
HA_
IF
Allo
w
0 0 0
13 10.31.
4.62
0 32 24
42
244
2
tcp Enab
le
HA_
IF
Allo
w
0 0 0
14 10.31.
4.61
80 32 0 655
35
tcp Enab
le
HA_
IF
Allo
w
0 0 0
15 10.31.
4.62
80 32 0 655
35
tcp Enab
le
HA_
IF
Allo
w
0 0 0
16 10.31.
4.61
670 32 68
0
680 udp Enab
le
HA_
IF
Allo
w
0 0 0
- 891 -
To Next Page
Loading...
